The %{spec_version} macro was being referenced in the Version field
before it was defined, causing RPM packages to show literal '%{spec_version}'
instead of the actual version number.
Moving the macro definition to the top of the spec file ensures it's
expanded correctly during rpmbuild.
Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com>
- Bump version from 1.0.2 to 1.0.4
- Add changelog entry for sdnotify integration
- Author: Jacquin Antoine <rpm@arkel.fr>
Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com>
- Add github.com/coreos/go-systemd/v22/daemon dependency
- Signal SdNotifyReady after configuration is loaded
- Start watchdog goroutine that pings systemd every WatchdogSec/2
- Signal SdNotifyStopping during graceful shutdown
- Update systemd unit file:
- Type=notify (instead of simple)
- WatchdogSec=30 (auto-restart if service hangs)
- NotifyAccess=main (only main process can notify)
Benefits:
- systemd knows when service is truly ready
- Automatic detection of hung/frozen service
- Better integration with systemd supervision
- More accurate service status reporting
Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com>
- Update Makefile to extract PKG_VERSION from spec file
Reads '%define spec_version 1.0.2' as default version
- Update spec file with proper version macro logic
Version field now uses %{spec_version}
Supports override via --define 'build_version X.Y.Z'
Falls back to 1.0.2 when build_version is not defined
This ensures RPM packages are built with the correct version
defined in the spec file (1.0.2) instead of hardcoded 1.0.0.
Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com>
- Restore api.DefaultConfig() - used by internal/config/loader.go
- Restore DefaultInterface, DefaultPort, DefaultBPFFilter constants
- Restore DefaultFlowTimeout, DefaultPacketBuffer constants
- Remove unused LogLevel* constants (never referenced in codebase)
docs(architecture.yml): update packaging and service sections
- Update packaging tool from fpm to rpmbuild
- Remove CentOS 7 / RHEL 7 from target distros (EOL)
- Update rpm_builder stage description for rpmbuild workflow
- Add spec_file section with version_macro documentation
- Update service to run as root (required for packet capture)
- Update security sandboxing to match current systemd unit
- Remove pid_file (not used)
- Update binary_path from /usr/local/bin to /usr/bin
Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com>
- Change systemd service to run as root instead of ja4sentinel user
- Remove user/group creation from RPM spec (%pre script)
- Update %post to set root:root ownership on directories
- Adjust security hardening for root execution (ProtectSystem=strict)
- Add ReadWritePaths for writable directories
Fixes: systemd error 'Failed at step USER spawning /usr/bin/ja4sentinel: No such process'
Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com>
- Declare ARG VERSION in rpm-builder stage for FPM to access
- Add packages/ directory to .gitignore (build artifacts)
Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com>
- Version: 1.0.1 → 1.0.2
- libpcap >= 1.9.0 (suppression support CentOS 7)
- Mise à jour du changelog RPM
- Description mise à jour (Rocky/Alma/RHEL 8+)
Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com>
- CentOS 7 n'est plus supporté (EOL en juin 2024)
- Minimum requis : Rocky Linux 8 / AlmaLinux 8 / RHEL 8
- Nettoyage des fichiers RPM el7
- Mise à jour de la documentation
Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com>
- Ajout de usr/lib/systemd/system/ja4sentinel.service dans les packages fpm
- Correction du COPY pour utiliser le chemin local au lieu du builder
- Testé et validé sur Rocky Linux 9
Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com>
- Suppression complète du support DEB (Debian/Ubuntu)
- Builder Rocky Linux 9 pour compatibilité binaire maximale
- Compilation dynamique avec libpcap comme dépendance runtime
- Activation du dépôt CRB pour libpcap-devel
- RPM générés pour el7, el8, el9, el10
- Mise à jour documentation et workflows GitHub Actions
Fix: erreur 'libpcap.so.0.8: cannot open shared object file' sur Rocky Linux 9
Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com>
- Remove dependency on Dockerfile.deb and Dockerfile.rpm
- Use debian:latest and rockylinux:8 containers directly
- Simplify test scripts by removing intermediate image builds
- Remove obsolete test-install-deb.sh and test-install-rpm.sh
Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com>
- Remove Dockerfile.deb and Dockerfile.rpm (replaced by Dockerfile.package)
- Remove build-deb.sh and build-rpm.sh (replaced by fpm in Dockerfile.package)
- Remove test Dockerfiles and old test packages
- Keep only: deb/, rpm/, systemd/ directories with maintainer scripts
Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com>
- Add Dockerfile.package with multi-stage build (builder, package-builder, output)
- Update Makefile to use new Dockerfile.package for package-deb and package-rpm targets
- Replace dpkg-deb and rpmbuild with fpm for consistent packaging
- Both DEB and RPM packages now built from single Dockerfile
Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com>
- Add Timestamp field (int64, nanoseconds since Unix epoch) to LogRecord
- Import time package in api/types.go
- Set timestamp using time.Now().UnixNano() in NewLogRecord()
- Add test assertion to verify timestamp is set
The timestamp is now included in all JSON log outputs
Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com>
- Add PacketBufferSize field to api.Config struct
- Add DefaultPacketBuffer constant (1000 packets)
- Add JA4SENTINEL_PACKET_BUFFER_SIZE environment variable support
- Update mergeConfigs to handle PacketBufferSize override
- Update main.go to use configurable buffer size with fallback
- Update config.yml.example with packet_buffer_size option
Allows tuning for high-traffic environments by increasing buffer size
via config file or environment variable
Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com>
- Add TestFormatPorts covering empty, single, and multiple ports
- Add TestMain_VersionFlag_VerifiesOutput checking version variables
- Add TestFlagParsing verifying CLI flag parsing behavior
- Fix .gitignore to only ignore root-level binary, not cmd/ja4sentinel/
Implements testing.policy.requirements.test_skeletons from architecture.yml
Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com>
Ajout du point d'entrée principal :
- cmd/ja4sentinel/main.go : pipeline complet avec gestion des signaux
- Intégration des modules (capture, tlsparse, fingerprint, output)
- Shutdown propre avec context.Context
Corrections du parsing TLS :
- Flow key unidirectionnel (client → serveur uniquement)
- Timeout de flux configurable via FlowTimeoutSec
- Structure ConnectionFlow simplifiée
Améliorations de l'API :
- Champs TCPMSS et TCPWScale en pointeurs (omitempty correct)
- NewLogRecord mis à jour pour les champs optionnels
Mise à jour de l'architecture :
- architecture.yml : documentation des champs optionnels
- Règles de flux unidirectionnel documentées
Système de packages :
- Version par défaut : 1.0.0
- Nommage cohérent : ja4sentinel_1.0.0_amd64.deb
- Scripts build-deb.sh et build-rpm.sh simplifiés
- Extraction correcte des checksums
Tests :
- TestFlowKey mis à jour pour le format unidirectionnel
- Tous les tests passent (go test ./...)
- go vet clean
Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com>
- Ajout des cibles make ci, ci-test, ci-build, ci-package, ci-package-test
- Correction des chemins de sortie des packages (build/deb, build/rpm)
- Build RPM sur Rocky Linux 9 pour dépendances correctes (libpcap.so.1)
- Fix tests RPM (command -v au lieu de which, fallback libpcap)
- Tous les tests passent (11/11 DEB, 11/11 RPM)
Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com>
Cible: Rocky Linux 9 (compatible RHEL/CentOS)
Changes:
- packaging/Dockerfile.rpm: Build pour Rocky Linux
- packaging/build-rpm.sh: Ajout paramètre distribution (rocky/rhel/centos)
- packaging/rpm/ja4sentinel.spec:
* Condition %if 0%{?rhel} >= 8 pour compatibilité RHEL
* Description mise à jour avec Rocky Linux
- packaging/test/Dockerfile.rpm: Test sur Rocky Linux 9
- packaging/test/test-*.sh: Tests spécifiques Rocky Linux
- .github/workflows/build-rpm.yml:
* Nom du job: 'Build RPM Package (Rocky Linux)'
* TARGET_DIST: rockylinux:9
* Simplification du build via Docker
Documentation:
- README.md: Instructions d'installation pour .rpm (Rocky/RHEL) et .deb (Debian/Ubuntu)
- Remplacement des instructions de build par installation via packages
Compatibilité:
- Rocky Linux 8.x et 9.x
- RHEL 8.x et 9.x
- CentOS Stream 8 et 9
- AlmaLinux 8.x et 9.x
Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com>
